Journal articles on the topic 'Automation and response (SOAR)'


1

Weil, Ramon. "Security Orchestration, Automation and Response (SOAR)." Technische Sicherheit 13, no. 11-12 (2023): 41–42. http://dx.doi.org/10.37544/2191-0073-2023-11-12-41.

Abstract:
Risk-aware companies generally have several IT security solutions in use to protect their organization against cyber threats. Even if the individual tools work optimally, they do not necessarily work together. Because of limited resources and the shortage of available skilled staff, keeping pace with this development is a particular challenge for many companies. For this reason, the further development of Security Orchestration, Automation and Response (SOAR) has gained considerable momentum. The article shows how SOAR systems are revolutionizing cybersecurity.
2

Sabeeruddin, Shaik. "The Growing Role of Security Orchestration, Automation and Response (SOAR) in SOC Operations." International Journal of Leading Research Publication 5, no. 12 (2024): 1–6. https://doi.org/10.5281/zenodo.14769600.

Abstract:
The increasing complexity of cyber threats demands advanced solutions for Security Operations Centers (SOCs). Security Orchestration, Automation, and Response (SOAR) has emerged as a crucial technology for enhancing SOC operations by integrating diverse security tools, automating repetitive tasks, and optimizing incident response workflows. This paper investigates the expanding role of SOAR in SOCs, emphasizing its advantages, applications, and influence on cybersecurity efficacy. By examining the challenges encountered by SOCs and how SOAR mitigates these issues, this research highlights the necessity of adopting SOAR technologies for enhanced operational resilience against evolving threats. Additionally, it analyzes emerging trends and future advancements in SOAR to assist organizations in adapting to a swiftly changing threat landscape.
3

Gustina DM, Venny, and Ananda Ananda. "Kecerdasan Buatan untuk Security Orchestration, Automation and Response: Tinjauan Cakupan" [Artificial Intelligence for Security Orchestration, Automation and Response: A Scoping Review]. Jurnal Komputer Terapan 10, no. 1 (2024): 36–47. http://dx.doi.org/10.35143/jkt.v10i1.6247.

Abstract:
The integration of artificial intelligence (AI) into Security Orchestration, Automation, and Response (SOAR) promises a revolution in cybersecurity operations. Adopting AI-backed SOAR technology can help organizations increase their resilience to cyberattacks. Some studies propose using a SOAR engine that can deploy custom honeypots and identify attacks, while others integrate artificial intelligence to improve situational understanding and the response to security threats. The use of AI/ML technology in cybersecurity can increase the effectiveness of SOC analysts in detecting, preventing, and responding to security attacks through means such as better threat detection, automation of routine tasks, faster and more accurate data analysis, improved response to attacks, and reduced workload. The detection capabilities of the SOAR engine include HTTP IDS, botnet, and DDoS detection, using machine learning models trained on various types of data. The SOAR engine is also equipped with other security threat detection capabilities, such as behavior analysis, log analysis, malware analysis, and threat intelligence analysis. A SOAR system equipped with machine learning based on artificial neural networks is able to analyze data in real time and detect threats quickly. The use of AI technology and real-time analysis thus helps reduce the workload of security professionals and increase efficiency in dealing with cyberattacks.
4

Ismail, Rahmat Kurnia, Zilmas Arjuna Brata, et al. "Toward Robust Security Orchestration and Automated Response in Security Operations Centers with a Hyper-Automation Approach Using Agentic Artificial Intelligence." Information 16, no. 5 (2025): 365. https://doi.org/10.3390/info16050365.

Abstract:
The evolving landscape of cybersecurity threats demands the modernization of Security Operations Centers (SOCs) to enhance threat detection, response, and mitigation. Security Orchestration, Automation, and Response (SOAR) platforms play a crucial role in addressing operational inefficiencies; however, traditional no-code SOAR solutions face significant limitations, including restricted flexibility, scalability challenges, inadequate support for advanced logic, and difficulties in managing large playbooks. These constraints hinder effective automation, reduce adaptability, and underutilize analysts’ technical expertise, underscoring the need for more sophisticated solutions. To address these challenges, we propose a hyper-automation SOAR platform powered by agentic-LLM, leveraging Large Language Models (LLMs) to optimize automation workflows. This approach shifts from rigid no-code playbooks to AI-generated code, providing a more flexible and scalable alternative while reducing operational complexity. Additionally, we introduce the IVAM framework, comprising three critical stages: (1) Investigation, structuring incident response into actionable steps based on tailored recommendations, (2) Validation, ensuring the accuracy and effectiveness of executed actions, (3) Active Monitoring, providing continuous oversight. By integrating AI-driven automation with the IVAM framework, our solution enhances investigation quality, improves response accuracy, and increases SOC efficiency in addressing modern cybersecurity threats.
5

Das, Anauksa. "Automation and Orchestration in Cyber Threat Intelligence (CTI): A Survey." International Journal for Research in Applied Science and Engineering Technology 13, no. 6 (2025): 1964–70. https://doi.org/10.22214/ijraset.2025.72574.

Abstract:
Cyber Threat Intelligence (CTI) has become an essential part of security operations with the sudden rise in cyber threats. To manage the collection, enrichment, correlation, and response workflows for CTI, several automation and orchestration technologies, such as SOAR (Security Orchestration, Automation, and Response) platforms and CTI pipelines, are utilised. This survey reviews open-source as well as commercial SOAR platforms (e.g. Splunk SOAR, Cortex XSOAR, IBM QRadar SOAR, TheHive, Shuffle) as well as frameworks used in CTI such as MISP and OpenCTI, comparing their features, integration capabilities, and limitations. Research done in the last 5-7 years on automated CTI processing, including methods for improving and linking data, AI and machine learning-driven analysis, and full-system architectures, is highlighted in this paper. Standard formats like STIX/TAXII and related sharing protocols help ensure different systems can communicate effectively. A comparison table shows the difference between major platforms based on key aspects such as data formats, integrations, response capabilities, and AI/ML support. Common challenges like data compatibility, source reliability, data quality, processing speed, and scalability are also discussed. Finally, a classification of automation components, along with an example orchestration architecture (illustrated in Figure 1), is presented. The survey concludes with an overview of current challenges and potential future developments in CTI automation and orchestration.
6

Kotliarov, O. Y., and L. L. Bortnik. "OVERVIEW OF THE FUNDAMENTAL MODEL OF SECURITY ORCHESTRATION, AUTOMATION, AND RESPONSE IN THE CONTEXT OF CYBERSECURITY OF VIRTUAL NETWORKS." Computer systems and network 7, no. 1 (2025): 160–75. https://doi.org/10.23939/csn2025.01.160.

Abstract:
The aim of this study is a comprehensive analysis of the fundamental SOAR (Security Orchestration, Automation, and Response) model in the context of cybersecurity for virtual networks. The paper presents a synthesis of the core concepts of orchestration, automation, and response, which are critical elements of modern approaches to risk management and information system protection. Particular attention is paid to the integration of SOAR with existing cybersecurity technologies such as SIEM, EDR, and XDR, enabling the creation of a unified security ecosystem that ensures rapid threat detection, classification, and response. The study examines the classification of threats inherent to decentralized and multi-cloud environments, including protocol-level attacks, data breaches, and insider threats, while emphasizing specific challenges such as network configuration dynamics and the scalability of security solutions. A comparative analysis of SOAR’s compliance with international cybersecurity standards (NIST, ISO 27001) demonstrates its ability to harmonize approaches and automate compliance procedures with regulatory requirements. The research also covers prospective directions for SOAR development, including the implementation of artificial intelligence and self-learning algorithms for adaptive threat management, the use of digital twins to simulate security scenarios, and adaptation to the challenges of quantum computing. Additionally, the role of big data in enhancing SOAR functionality is highlighted, particularly in reducing false positives and identifying multi-vector attacks. The results of this study have an applied nature and are aimed at improving cybersecurity tools to ensure comprehensive protection of virtualized environments. It is concluded that the SOAR model is a key component in forming strategic approaches to the protection of information assets in the context of evolving cyber threats. 
Keywords: Cybersecurity, SOAR, automation, multi-cloud environments, risk management, security standards, virtual networks, network traffic.
7

Thakker, Aastha, Aditya More, and Kapil Kumar. "Automated Defense Against Application-Layer Attacks on Windows Systems Using Wazuh and Shuffle." International Journal of Education, Science, Technology, and Engineering (IJESTE) 8, no. 1 (2025): 45–57. https://doi.org/10.36079/lamintang.ijeste-0801.842.

Abstract:
Application-layer attacks targeting Windows systems remain a significant threat due to their ability to bypass traditional perimeter defenses. These attacks often exploit vulnerabilities listed in the OWASP Top 10 for desktop applications, demanding proactive defense mechanisms. This paper proposes a unified approach that combines SIEM and SOAR capabilities to detect and respond to Windows-based application-layer threats with increased efficiency and automation. The framework integrates the open-source SIEM platform Wazuh with the SOAR engine Shuffle to automate threat detection and incident response. A layered defense strategy is implemented, involving log correlation, rule-based policy enforcement, and playbook-driven response automation. The integration reduces manual triage overhead and enhances response time compared to traditional SOC patterns. This framework demonstrates a scalable, open-source-based solution for defending Windows environments at the application layer. It sets the groundwork for future integration of AI-driven analytics, multi-OS support, and tamper-proof event logging using blockchain technologies.
8

Sujan Kumar, Kummari. "Next-Generation Security Operations: Leveraging Automation for Proactive Threat Mitigation." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 09, no. 04 (2025): 1–9. https://doi.org/10.55041/ijsrem43432.

Abstract:
As cybersecurity threats evolve, traditional Security Operations Centers (SOCs) face challenges such as alert overload, manual processes, and delayed incident response. The proposed method is an automated SOC solution leveraging open-source technologies to enhance threat detection, streamline investigation processes, and enable proactive threat mitigation. The approach integrates comprehensive threat monitoring, a collaborative case management system, and an automation framework for security response actions. By implementing predefined processes and responsive capabilities, the solution empowers SOCs to automatically execute predetermined actions based on detected threats. The proposed architecture is scalable and adaptable, allowing organizations to tailor the SOC to their specific needs while benefiting from open-source tools and automation. By automating repetitive tasks and facilitating rapid response, the solution aims to reduce analyst workload, minimize human error, and enhance overall security posture. The proposed method involves implementing and evaluating the integrated solution in a simulated environment, assessing its performance in detecting and mitigating various cyber threats compared to traditional manual approaches. Potential challenges and limitations are also discussed, paving the way for future enhancements.
Keywords: Security Operations Center (SOC), Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Threat Detection
9

Jaiswal, Bhargav Dilipkumar. "Designing Scalable Software Automation Frameworks for Cybersecurity Threat Detection and Response." International Journal of Scientific Research and Management (IJSRM) 13, no. 02 (2025): 1958–80. https://doi.org/10.18535/ijsrm/v13i02.ec03.

Abstract:
Cybersecurity threats are rapidly evolving, posing significant challenges to organizations seeking to protect critical digital assets. Traditional security approaches, such as rule-based detection and manual incident response, have proven inadequate in addressing the complexity and scale of modern cyber threats, particularly those involving zero-day vulnerabilities, ransomware, and advanced persistent threats (APTs). In response, scalable software automation frameworks have emerged as a critical solution for real-time threat detection and response. This paper presents a comprehensive study on designing scalable cybersecurity automation frameworks, integrating artificial intelligence (AI), machine learning (ML), cloud computing, and Security Orchestration, Automation, and Response (SOAR) systems to enhance security resilience. The study examines key architectural principles, including microservices-based security structures, cloud-native deployment models, AI-driven anomaly detection, and automated incident response mechanisms. Furthermore, the paper explores how real-time security monitoring, predictive analytics, and Zero Trust security models contribute to an adaptive cybersecurity defense strategy. To validate the effectiveness of scalable automation frameworks, the paper presents case studies of Google Chronicle, IBM Security QRadar, and Microsoft Azure Sentinel, analyzing their efficiency in automated threat intelligence, behavioral analytics, and cloud-based security operations. Additionally, we discuss major challenges associated with scalability, performance, AI explainability, and interoperability with legacy security infrastructures. The proposed framework offers an optimized cybersecurity automation model that enhances detection speed, minimizes false positives, and ensures seamless threat response automation. 
The findings indicate that integrating AI-enhanced SIEM and SOAR solutions into a cloud-native cybersecurity ecosystem significantly improves cyber threat mitigation, response times, and overall security posture. Future research should focus on advancing federated learning for distributed security intelligence, blockchain for decentralized security enforcement, and explainable AI (XAI) for more transparent cybersecurity decision-making. This study contributes to the growing body of cybersecurity research by providing a scalable, AI-driven, and cloud-integrated framework for organizations to enhance their security resilience in an increasingly complex threat landscape.
10

Suchismita, Chatterjee. "Using SIEM and SOAR for Real-Time Cybersecurity Operations in Oil and Gas." INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH AND CREATIVE TECHNOLOGY 6, no. 2 (2020): 1–11. https://doi.org/10.5281/zenodo.14598693.

Abstract:
The oil and gas industry is a prime target for cyberattacks due to the critical infrastructure it controls and the high value of its data. This paper explores the evolving landscape of cyber threats facing the industry, including sophisticated attacks, ransomware, DDoS attacks, phishing, and insider threats. It delves into the challenges posed by the convergence of IT and OT systems, ICS vulnerabilities, supply chain attacks, and legacy systems. To address these threats, the paper examines the role of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) technologies. SIEM provides real-time monitoring and analysis of security events, while SOAR automates incident response and reduces mean time to resolution (MTTR) and mean time to detection (MTTD). The paper discusses how SIEM and SOAR can be used together to enhance threat detection, response, and proactive threat hunting. Furthermore, the paper explores the benefits and limitations of SIEM and SOAR, including cost, complexity, and skillset requirements. It provides best practices for implementing these technologies, such as establishing clear security policies, implementing a layered security approach, and regularly updating security rules and playbooks. By leveraging SIEM and SOAR, oil and gas companies can significantly improve their cybersecurity posture and protect their critical infrastructure and sensitive data.
11

Chintan Udeshi. "The Role of Automation and Platformization in Enhancing Enterprise Cybersecurity." International Journal of Scientific Research in Computer Science, Engineering and Information Technology 11, no. 1 (2025): 2984–90. https://doi.org/10.32628/cseit251112314.

Abstract:
This article examines the critical role of automation and platformization in addressing the challenges faced by modern enterprise cybersecurity. As organizations increasingly adopt hybrid and multi-cloud strategies, they find themselves managing a complex array of security tools, leading to overwhelming volumes of alerts and fragmented visibility. The paper explores how Security Orchestration, Automation, and Response (SOAR) technologies can streamline security operations by automating routine tasks, integrating disparate tools, and significantly reducing incident response times. Additionally, it discusses the trend towards platformization and vendor consolidation, highlighting the benefits of centralized threat visibility and consistent policy enforcement across diverse environments. The article argues that these approaches not only enhance an organization's ability to detect and respond to threats but also allow security teams to focus on more advanced, high-priority issues. By presenting a comprehensive overview of these strategies, the paper provides valuable insights for organizations seeking to improve their cybersecurity posture in an increasingly complex digital landscape.
12

Reddy Pulyala, Srinivas, Avinash Gupta Desetty, and Vinay Dutt Jangampet. "The Impact of Security Orchestration, Automation, and Response (SOAR) on Security Operations Center (SOC) Efficiency: A Comprehensive Analysis." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 10, no. 3 (2019): 1545–49. http://dx.doi.org/10.61841/turcomat.v10i3.14323.

Abstract:
Security Operations Centers (SOCs) are the backbone of an organization's cybersecurity defense, responsible for monitoring security events, detecting and investigating incidents, and responding to attacks. However, SOC teams often need help with the challenge of being overwhelmed with alerts and incidents, making it difficult to keep pace with the evolving threat landscape. This can lead to delayed incident response times, increased risk of compromise, and a weakened overall security posture.
Security Orchestration, Automation, and Response (SOAR) has emerged as a promising technology to help SOC teams enhance their efficiency and effectiveness. SOAR platforms offer the capability to automate tasks, streamline workflows, and provide a single pane of glass for managing security operations. This can enable SOC teams to reduce their workload, improve their response times, and make better decisions.
13

Ramakrishnan, Shanmugavelan, and Dinesh Reddy Chittibala. "Enhancing Cyber Resilience: Convergence of SIEM, SOAR, and AI in 2024." International Journal of Computing and Engineering 5, no. 2 (2024): 36–44. http://dx.doi.org/10.47941/ijce.1754.

Abstract:
Purpose: The study aims to examine the synergistic effects of integrating Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and Artificial Intelligence (AI) technologies in enhancing cybersecurity frameworks. It explores how this combination can lead to a transformative era in cybersecurity, focusing on the improved efficacy of threat management and incident response.
Methodology: An analytical approach was used to investigate the integration trends between SIEM and SOAR technologies, underpinned by advancements in AI. This method emphasizes accelerated incident detection and response, enriched threat intelligence collaboration, and fortified security strategies.
Findings: The fusion of SIEM, SOAR, and AI technologies has led to a paradigm shift in cybersecurity, offering unparalleled efficiency in threat management and a significant reduction in the impacts of cyber incidents on entities. It highlights the accelerated detection and response to incidents and the enhancement of threat intelligence collaboration and security strategies.
Unique Contribution to Theory, Practice, and Policy: This study contributes to the field by presenting invaluable insights for cybersecurity practitioners and entities aiming to strengthen their defenses against an evolving digital threat landscape. It advocates for a proactive orchestration of security measures, underlining the strategic implications of the SIEM-SOAR-AI triad for future cybersecurity endeavors. Recommendations are provided for entities to adopt this integrated approach to enhance their cybersecurity frameworks effectively.
14

Pitkar, Harshad. "Cloud Security Automation Through Symmetry: Threat Detection and Response." Symmetry 17, no. 6 (2025): 859. https://doi.org/10.3390/sym17060859.

Abstract:
Cloud security automation has emerged as a critical solution for organizations facing increasingly complex cybersecurity challenges in cloud environments. This study examines the current state of cloud security automation, focusing on its role in symmetry between threat detection and response capabilities. Through analysis of recent market trends and technological developments, this paper explores key technologies, including Security Information and Event Management (SIEM), Extended Detection and Response (XDR), and Security Orchestration, Automation, and Response (SOAR) platforms. The integration of artificial intelligence and machine learning has transformed these systems, enabling real-time threat detection and automated response mechanisms. The research examines real-world applications and highlights that organizations implementing automated security solutions have demonstrated improved incident response times and reduced security breaches. However, challenges remain in terms of the complexity of integration and symmetry between automation and human expertise. As the global AI cybersecurity market is projected to reach $134 billion by 2030, the future of cloud security automation lies in advanced AI-driven solutions and improved threat intelligence integration. Even though cloud platforms are widely used, existing security tools have challenges in identifying real-time threats, the integration of heterogeneous data sources, and actionable intelligence generation. The majority of current solutions are not designed for cloud-native platforms and do not scale or evolve. This paper overcomes these challenges by introducing a scalable and extensible cloud security architecture, which uses sophisticated correlation and threat intelligence to provide increased detection accuracies as well as reduced response times for the challenging environment of advanced cloud-based infrastructures. 
This research aims to equip organizations with proven methods from real-world use cases and strategies that they can adopt to enable automated threat detection and response.
15

Kasturi, Santanam, Xiaolong Li, Peng Li, and John Pickard. "A Proposed Approach to Integrate Application Security Vulnerability Data with Incidence Response Systems." American Journal of Networks and Communications 13, no. 1 (2024): 19–29. http://dx.doi.org/10.11648/j.ajnc.20241301.12.

Abstract:
This paper has proposed a method to develop an attack tree, from application vulnerability data discovered through tests and scans and correlation analysis using incoming transaction requests monitored by a Web Application Firewall (WAF) tool. The attack tree shows multiple pathways for an attack to shape through vulnerability linkages and a deeper analysis of the Common Weakness Enumeration (CWE) and Common Vulnerability Exposure (CVE) mapping to individual vulnerabilities. By further relating to a parent, peer, or child CWE (including CWEs that follow another CWE and in some cases precede other CWEs) will provide more insight into the attack patterns. These patterns will reveal a multi-vulnerability, multi-application attack pattern which will be hard to visualize without data consolidation and correlation analysis. The correlation analysis tied to the test and scan data supports a vulnerability lineage starting from incoming requests to individual vulnerabilities found in the code that traces a possible attack path. This solution, if automated, can provide threat alerts and immediate focus on vulnerabilities that need to be remedied as a priority. SOAR (Security Orchestration, Automation, and Response), XSOAR (Extended Security Orchestration, Automation, and Response), SIEM (Security Information and Event Management), and XDR (Extended Detection and Response) are more constructed to suit networks, infrastructure and devices, and sensors; not meant for application security vulnerability information as collected. So, this paper makes a special case that must be made for integration of application security information as part of threat intelligence, and threat and incident response systems.
16

Oluwatosin Oladayo Aramide. "AI-Driven Cybersecurity in Storage Infrastructure." World Journal of Advanced Engineering Technology and Sciences 12, no. 2 (2024): 990–1001. https://doi.org/10.30574/wjaets.2024.12.2.0270.

Abstract:
This paper sheds some light on how AI-powered cybersecurity can be applied to protecting storage infrastructures, namely, high-throughput NFS and S3 object stores. As data becomes more sensitive and volumes larger, conventional security is failing and perhaps the most vulnerable to this are AI/ML data. The research suggests taking into consideration the behavior-based threat identification, which reflects application to detection of ransomware, data exfiltration, insider threats, and others, prior to their evolvement. An AI can proactively identify anomalies by studying the activities and actions of the users and systems and help raise an alert on the occurrence of a possible breach. The article also discusses the integration of AI systems with SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools, leveraging Open Telemetry for seamless coordination and real-time threat response. As it suggests the sure need to adopt appropriate security measures to highly sensitive AI/ML datasets, the article lends prominence to the flexibility and scalability of AI-enhanced cybersecurity as a solution to security issues concerning storage in a dynamic environment.
17

Ramya V. J. "Data-Driven Framework for Cloud Storage Security Optimization: Leveraging Predictive Analytics and Machine Learning to Enhance Threat Detection and Incident Response." Journal of Electrical Systems 20, no. 10s (2024): 6646–53. http://dx.doi.org/10.52783/jes.6721.

Abstract:
As cloud storage adoption accelerates, securing sensitive data against evolving threats, including Advanced Persistent Threats (APTs), Zero-Day Exploits, and Insider Threats, has become paramount. This research introduces a data-driven framework that harnesses predictive analytics, machine learning (ML), and deep learning (DL) techniques to fortify threat detection and incident response in cloud storage environments. By integrating real-time monitoring via Security Information and Event Management (SIEM) systems, anomaly detection using Convolutional Neural Networks (CNN) and Recurrent Neural Networks (RNN), and predictive modeling through Graph-Based Anomaly Detection (GBAD), our framework identifies potential security risks and optimizes countermeasures. Leveraging ML algorithms, such as Random Forest and Support Vector Machines (SVM), our approach analyzes historical incident data, user behavior, and system logs to predict and prevent attacks. Key benefits include proactive security measures, reduced response times via Security Orchestration, Automation, and Response (SOAR), and minimized data breaches through Containerization (Docker) and Serverless Computing (AWS Lambda). This research advances the development of intelligent cloud storage security solutions, ensuring robust protection for sensitive data in cloud-based infrastructure, compliant with PCI-DSS, HIPAA, GDPR, NIST Cybersecurity Framework, and ISO 27001.
18

Kasturi, Santanam, Xiaolong Li, Peng Li, and John Pickard. "On the Benefits of Vulnerability Data Consolidation in Application Security." International Conference on Cyber Warfare and Security 19, no. 1 (2024): 455–62. http://dx.doi.org/10.34190/iccws.19.1.2086.

Abstract:
This research aims to build upon a conceptual idea of consolidating all application security vulnerability data from monitoring, detection, and discovery tools into a physical system that allows for convergence of observation and response to an event that is a threat. Multiple application security testing and monitoring tools are deployed at different layers of an application architecture and capture activities that occur at that layer. This multi-layer data capture is disconnected without any analysis of data lineage from the externally exposed web attack surface to deep down into the application and data layers. It is only through this data consolidation that one can provide a reliable statistical analysis of correlating multiple vulnerability information and synthesize an attack pattern and predict possible events accurately. The benefits of such a system are discussed in this paper, including how one can organize the data, identifying temporal and spatial correlation of events, focusing on specific web requests that point to a specific vulnerability, and formulating a fast response to such events. Advantages of integrating with Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR/XSOAR), Extended Detection Response (XDR) are briefly discussed. The analysis can be further used to develop a predictive system using deep learning (DL) techniques using correlation of application security vulnerability information.
19

Ivanov, Andrei V., Ivan V. Nikroshkin, Igor A. Ognev, and Maksim A. Kiselev. "Application of the Blue Team expertise tools in the process of monitoring information systems on the example of the TI platform (Threat Intelligence)." Digital technology security, no. 2 (June 28, 2023): 34–51. http://dx.doi.org/10.17212/2782-2230-2023-2-34-51.

Abstract:
The purpose of this scientific study is to analyze the possibilities of increasing the effectiveness of protection against cyber threats through the use of Blue Team expert systems. The paper provides an overview of various Blue Team expert systems, including advanced detection and response (XDR) systems, information security incident response platforms (IRPs), incident management, automation and response (SOAR) systems, as well as cyber intelligence systems for threat analysis (TI). Threat Intelligence processes are analyzed, including the collection, analysis and interpretation of information about cyber threats. Particular attention is paid to the cyber intelligence platform for threat analysis – TI MISP, including the analysis of the data model of this platform. An example of working with the CVE-2022-26134 vulnerability is provided, demonstrating the effectiveness of using the TI MISP platform to identify threats and take measures to prevent them. At the end of the work, conclusions were drawn about the advantages and disadvantages of using a cyber intelligence platform for threat analysis. In this regard, the use of Blue Team expert systems, including the TI platform, in the process of monitoring information systems can significantly increase the efficiency of identifying computer incidents and provide more reliable protection of information infrastructure, despite their shortcomings.
20

Ahmad, Siti Arpah, Muhammad Al’Imran Mohd Khairuddin, Nor Shahniza Kamal Bashah, and Nurul Aishah Ab Raman. "An integrated framework for data breach on the dark web in brand monitoring data hunting." International Journal of Electrical and Computer Engineering (IJECE) 15, no. 3 (2025): 3162. https://doi.org/10.11591/ijece.v15i3.pp3162-3170.

Abstract:
In today's digital landscape, data breaches pose a substantial threat, with the dark web serving as a prevalent platform for malevolent actors to perpetrate such incidents. Currently, security analysts use various tools to solve the problem, which is very time-consuming. This paper introduces a novel framework that integrates data breach monitoring within the dark web, focusing on brand monitoring and data hunting. The framework starts from the scraping process and continues with the utilisation of the Splunk dashboard. The dashboard provides an exhaustive overview of data breaches related to brands for both manual inquiries and rule-based detection mechanisms. The framework comprises five phases: data sourcing, data collection, integration, monitoring, and visualisation. The visualisation phase encompasses alert generation, notification mechanisms, and reporting functionalities. Moreover, the monitoring phase provides real-time surveillance, advanced search capabilities, brand monitoring, and threat intelligence integration. The integration phase involves security information and event management (SIEM) systems and security orchestration, automation, and response (SOAR) systems. This paper's result contributes to enhancing the National Institute of Standards and Technology (NIST) cybersecurity framework, offering a comprehensive solution to the data breaches challenge within the dark web and the frontiers of knowledge and security practices.
21

A.Shaji, George, S.Sagayarajan, T.Baskar, and George A.S.Hovan. "Extending Detection and Response: How MXDR Evolves Cybersecurity." Partners Universal International Innovation Journal (PUIIJ) 01, no. 04 (2023): 268–85. https://doi.org/10.5281/zenodo.8284342.

Abstract:
As cyber threats grow more advanced, organizations need security solutions that can provide extensive visibility, rapid detection, and coordinated response across their entire IT environment. Managed Extended Detection and Response (MXDR) represents the next evolution in security, building on previous platforms like MDR and XDR to offer a more holistic detection and response approach. This white paper examines how MXDR enhances cybersecurity through continuous monitoring, advanced analytics, threat hunting, and other capabilities. It outlines the components of MXDR, including 24/7 monitoring, vulnerability management, forensic investigation, and real-time threat intelligence. A key benefit of MXDR is its ability to reduce “alert fatigue” by using automation and analysts to triage the flood of alerts from various security tools. It also accelerates threat detection and response by correlating telemetry data across the infrastructure to identify risks in real-time. While MDR provides endpoint detection and response, MXDR expands visibility across networks and cloud environments as well. The paper compares MXDR and MDR, showing how MXDR advances detection and response with expanded visibility, proactive threat hunting, coordinated incident response, and integration with existing security controls. In conclusion, MXDR represents a major step forward for enterprise security. It overcomes the limitations of previous platforms by consolidating telemetry data and providing context through analytics and human expertise. For organizations struggling with alert overload and siloed security tools, MXDR offers a way to gain unified visibility, anticipate emerging threats, and enact swift, targeted responses across endpoints, networks, and clouds. With its comprehensive approach to detection and response, MXDR provides the advanced protection today’s complex IT environments demand.
22

Pathak, Kshitij, and Nihal Nipane. "Design and Simulation of Smart Touchless Dispenser Using AT89C51 Microcontroller." International Journal for Research in Applied Science and Engineering Technology 13, no. 4 (2025): 5355–59. https://doi.org/10.22214/ijraset.2025.69596.

Abstract:
In the wake of increasing hygiene awareness, automation in liquid dispensing systems has gained significant relevance. This paper presents a low-cost, efficient, and compact solution for a smart touchless dispenser using the AT89C51 microcontroller. The system is designed to activate and deactivate a DC motor based on simple button-based user input, mimicking gesture control without the need for expensive sensors or complex interfacing modules. The use of push buttons as gesture proxies simplifies the hardware design and makes the system accessible for educational and prototype purposes. The motor-driven mechanism facilitates the dispensing of liquid such as soap or sanitizer in a contactless manner. The primary objective is to demonstrate how basic embedded system components can be utilized to implement practical automation with minimal resources. The proposed system ensures easy integration, low power consumption, and real-time response, making it ideal for public hygiene systems and small-scale embedded projects.
23

Dr., A.SHAJI GEORGE, GEORGE A.S.HOVAN, T.BASKAR, and Pandey Digvijay. "XDR: The Evolution of Endpoint Security Solutions -Superior Extensibility and Analytics to Satisfy the Organizational Needs of the Future." International Journal of Advanced Research in Science, Communication and Technology (IJARSCT) 8, no. 1 (2021): 493–501. https://doi.org/10.5281/zenodo.7028219.

Abstract:
The challenge of securing critical data increases year after year. Evolving technology developments, involving the growth in cloud and the Internet of Things adoption make businesses' confidential data more vulnerable to sophisticated attackers. Protect the Whole Organization by using the Industry's First Extended Detection and Response (XDR) Platform Security teams have been inundated with inaccurate, inadequate alerts. As a result of today's siloed security tools, specialists should pivot from the console to the console to piece together investigative clues, which will result in horribly slow investigations. Although they've implemented countless tools, teams still lack enterprise-wide visibility as well as the deep analytics necessary to locate threats. Confronted with a lack of security professionals, teams need to streamline operations. Extended Detection and Response is the world's very first extended detection and response platform which integrates endpoint, network, as well as cloud data to halt advanced attacks. It combines prevention, investigation, detection, and response in a single platform for unparalleled security and operational effectiveness. In combination with a Managed Threat Hunting assistance, XDR offers continuous protection and industry-leading coverage. A new and more comprehensive approach to detection and response is clearly needed, one which not just includes traditional endpoints but then also includes the enhanced attack surface like the network and cloud. Luckily, these are only a few of the difficulties XDR was intended to solve. XDR unites and extends detection and response capacity through multiple security layers, offering security teams along with centralized end-to-end enterprise visibility, strong analytics, automatic response across the entire technology stack. 
XDR, clients can get integrated and proactive security measures designed to protect the whole technology stack, which makes it easier for security analysts to detect and stop attacks in progress prior to the impact to the business. Companies of all sizes and types, irrespective of their levels of cybersecurity expertise, is necessary to be considered sophisticated detection, improved visibility, and immediate response to sophisticated threats. The goal here is to explain what XDR is and how it empowers Information Technology, security teams, to stop threats and put them on the defensive. And also show how it provides superior extensibility and analytics which will fit the needs of the future. In the present article, we'll describe the fundamentals of XDR, and demonstrate how it helps organizations as well as how it facilitates new security challenges. Moreover, this research paper will be useful for organizations to understand XDR in-depth, as well as how XDR can assist organizations in preventing cyberattacks as well as simplifying and improving security processes. In addition, this paper explains XDR, the capability of current and emerging technologies to offer greater visibility, collect and correlate threat information, and utilize analytics and automation to detect today and future attacks.
24

Hamidah, Miske Hayunia, and Siti Sri Wulandari. "PENGEMBANGAN INSTRUMEN PENILAIAN BERBASIS HOTS MENGGUNAKAN APLIKASI “QUIZIZZ”." Efisiensi : Kajian Ilmu Administrasi 18, no. 1 (2021): 105–24. http://dx.doi.org/10.21831/efisiensi.v18i1.36997.

Abstract:
Development of HOTS-based assessment instruments using the "quizizz" application. The purpose of this research is to develop an evaluation tool based on Higher Order Thinking Skills (HOTS) using the Quizizz application, to test the feasibility of the HOTS assessment instrument that has been developed, to analyze students' higher order thinking skills, and to analyze students' responses to the use of the Quizizz application. The method used in this study is a development research method with the Sugiyono ten-step development model but is limited to seven development steps. The subjects in this study were all students of class XII productive Office Governance Automation (OTKP) as many as 34 students. The results of the validation of development products to three expert validators obtained an average validation of 94% (very strong). As for the development results, it shows that of the 30 items developed, 25 questions are said to be valid with the calculation of r count > r table (0.3291). The reliability of the questions is 0.77 > 0.60 so that the questions can be said to be reliable. The difficulty level of the item has a "Medium" average. There are 2 questions with "Less" distinguishing power, so the questions must be discarded. Overall, the question distractors are functioning properly, indicated by the selection of answer options exceeding 5% of the total number of students. The test results in this study showed students had an average high-order thinking ability on the "Enough" criterion. The average student response was 89.5%, meaning that students gave a very positive response in using Quizizz when implementing HOTS assessment instruments.
25

Subudhi, Srihari. "Effectiveness of AI/ML in SOAR (Security Automation and Orchestration) Platforms." International Journal of Science and Research (IJSR) 13, no. 8 (2024): 201–6. http://dx.doi.org/10.21275/mr24802085215.

26

Smirnova, Tetiana, Liliia Konstantynova, Oksana Konoplitska-Slobodeniuk, et al. "STUDY OF THE CURRENT STATE OF SIEM SYSTEMS." Cybersecurity: Education, Science, Technique 1, no. 25 (2024): 6–18. http://dx.doi.org/10.28925/2663-4023.2024.25.618.

Abstract:
In this work, a study of SIEM systems, the relevance of which has grown significantly during the full-scale invasion of Russia into Ukraine, has been carried out. The task of finding the most optimal solutions was solved according to the following criteria: ease of use, ability to integrate with other protection solutions, pricing policy and features. For this purpose, the work considered a general description of the structure and principle of operation of the SIEM system, determined the capabilities and features of modern SIEM systems, conducted a study of the following software (software): Splunk Enterprise Security (Splunk), Elastic Security, IBM QRadar SIEM, Wazuh SIEM, Microsoft Sentinel. As a result of the research, the following was revealed: modern SIEM solutions allow automating part of the processes of detection and response to security events, allow to take control of hybrid types of infrastructure, which may include cloud environments, virtualization and containerization systems, workstations and other corporate devices. They are implemented both in the form of deployment of their solutions at their own facilities, and in the form of renting relevant resources, providing a Software-as-a-Service service. At the same time, the presence of a large number of integrations with various software packages and systems allows SIEM to monitor the compliance of the current state of cyber protection of the organization's information infrastructure with certain international standards, such as ISO 27001, GDPR or PCI DSS. It was determined that modern SIEMs use advances in machine learning and artificial intelligence to detect anomalies in system and user behavior, as well as to prioritize identified vulnerabilities and suggest steps to improve the state of cyber defense. 
The considered solutions work in conjunction with other modern systems, such as SOAR or EDR/XDR, which increases the efficiency of SIEM systems and, as a result, security operation centers, therefore, according to the authors, the corresponding technologies deserve further research.
27

Qu, Yongxin, Yonghui Zhou, and Yunfeng Luo. "Structural Topology Optimization for Frequency Response Problems Using Adaptive Second-Order Arnoldi Method." Mathematics 13, no. 10 (2025): 1583. https://doi.org/10.3390/math13101583.

Abstract:
For topology optimization problems under harmonic excitation in a frequency band, a large number of displacement and adjoint displacement vectors for different frequencies need to be computed. This leads to an unbearable computational cost, especially for large-scale problems. An effective approach, the Second-Order Arnoldi (SOAR) method, effectively solves the response and adjoint equations by projecting the original model to a reduced order model. The SOAR method generalizes the well-known Krylov subspace in a specified frequency point and can give accurate solutions for the frequencies near the specified point by using only a few basis vectors. However, for a wide frequency band, more expansion points are needed to obtain the required accuracy. This brings up the question of how many points are needed for an arbitrary frequency band. The traditional reduced order method improves the accuracy by uniformly increasing the expansion points. However, this leads to the redundancy of expansion points, as some frequency bands require more expansion points while others only need a few. In this paper, a bisection-based adaptive SOAR method (ASOAR), in which the points are added adaptively based on a local error estimation function, is developed to solve this problem. In this way, the optimal number and position of expansion points are adaptively determined, which avoids the insufficient efficiency or accuracy caused by too many or too few points in the traditional strategy where the expansion points are uniformly distributed. Compared to the SOAR, the ASOAR can deal with wide low/mid-frequency bands both for response and adjoint equations with high precision and efficiency. Numerical examples show the validation and effectiveness of the proposed method.
28

Howland-Gradman, June, and Sharon Broderick. "Soar to excellence with rapid feedback and rapid response." Nursing Management (Springhouse) 33, no. 2 (2002): 43. http://dx.doi.org/10.1097/00006247-200202000-00016.

29

Асаубаев, А. С., and Ж. Ж. Ахметова. "Artificial Intelligence and Machine Learning in SOAR." Вестник КазГЮИУ, no. 1(56) (March 10, 2023): 84–87. http://dx.doi.org/10.48501/2092.2023.14.10.004.

Abstract:
The article considers the need to automate and organize processes by connecting various tools using API-interfaces of specific suppliers in order to give analysts the opportunity to investigate and make decisions that increase the effectiveness of incident response processes.
30

Guduru, Sandhya. "SOAR Automation: Palo Alto Cortex XSOAR Playbooks for MISP Threat Intel Enrichment and TheHive Project Integration." International Journal of Science and Research (IJSR) 11, no. 11 (2022): 1545–48. https://doi.org/10.21275/sr22113123451.

31

Seo, Soobin, Dustin S. J. Van Orman, Mark Beattie, Lucrezia Cuen Paxson, and Jacob Murray. "Transforming Learning Orientations Through STEM Interdisciplinary Project-Based Learning." Education Sciences 14, no. 11 (2024): 1154. http://dx.doi.org/10.3390/educsci14111154.

Abstract:
Science, technology, engineering, and math (STEM) education is challenged by industries to incorporate business, engineering, and communication experiences to prepare students for workplace success. In this study, we outline an approach—the STEM Oriented Alliance for Research (SOAR)—to enhance student experience by offering interdisciplinary project-based learning (IPBL) for undergraduate students majoring in electrical engineering, communications, and marketing. We examined how students’ disciplinary and cooperative orientations toward learning shifted in response to their experiences in a semester-long interdisciplinary project-based learning experience with authentic industry outputs. Using a multi-method approach, we explored how interdisciplinary projects influenced student experiences in terms of five collaboration abilities: positive interdependence, accountability, promotive interaction, group processing, and social skills. Further, we observed a shift from fixed- to more growth-oriented mindsets, and from a primarily disciplinary to interdisciplinary focus for their future professional work. The outcomes of the SOAR project make clear that providing structure for professional cooperation on interdisciplinary projects can have profound effects on how students learn to cooperate and position themselves as learners. For most SOAR participants, the experience was deeply formative and contributed to their readiness to cooperate and learn within the interdisciplinary and STEM-oriented workforce.
32

Dhungel, Rita. "SOAR as an Effective Community-based Response in Anti-Trafficking Movements." Journal of Advanced Academic Research 9, no. 1 (2022): 1–12. http://dx.doi.org/10.3126/jaar.v9i1.44039.

Abstract:
Grounded in the narratives of women from rural communities who were forced to migrate to Kathmandu, the capital of Nepal, and later India, this paper critically examines the meaningful involvement of trafficking survivors for sexual exploitation in anti-trafficking movement in Nepal. Using the SOAR (Stop, Observe, Ask, and Respond) model, this paper explores the community-based responses to address the issues of human trafficking and post-trafficking. This paper is guided by migratory and intersectionality frameworks. Using the frameworks, Participatory Action Research (PAR), a transformative and an empowerment methodology, was conducted with eight female trafficking survivors who were exploited for sexual exploitation. PAR was used to critically understand intersectional gender oppression escalated the vulnerability of women to trafficking and made the women “doubly victimized” in their post trafficking. Through engaging in the study process, PAR allowed survivors to critically understand their own oppression and develop strategies to effectively act towards ending forced migration and trafficking. Using a thematic analysis, the collected information was categorized, and coded. The research team included the researcher and the trafficking survivors, who are recognized as “co-researchers” in this paper, identified and used a wide range of pragmatic approaches and tools such as street dramas, interactive sessions, peer interviews and meetings with political leaders. These approaches provided the survivors with an opportunity not only to share their voices and experiences on migration and trafficking, but also to highlight transformative impacts, including personal and social transformation.
33

Liu, Xiaoling, Tianyuan Zheng, Yan Jiang, et al. "Molecular Mechanism Analysis of STIM1 Thermal Sensation." Cells 12, no. 22 (2023): 2613. http://dx.doi.org/10.3390/cells12222613.

Abstract:
STIM1 has been identified as a new warm sensor, but the exact molecular mechanism remains unclear. In this study, a variety of mutants of STIM1, Orai1 and Orai3 were generated. The single–cell calcium imaging and confocal analysis were used to evaluate the thermal sensitivity of the resulting STIM mutants and the interaction between STIM1 and Orai mutants in response to temperature. Our results suggested that the CC1–SOAR of STIM1 was a direct activation domain of temperature, leading to subsequent STIM1 activation, and the transmembrane (TM) region and K domain but not EF–SAM were needed for this process. Furthermore, both the TM and SOAR domains exhibited similarities and differences between STIM1–mediated thermal sensation and store–operated calcium entry (SOCE), and the key sites of Orai1 showed similar roles in these two responses. Additionally, the TM23 (comprising TM2, loop2, and TM3) region of Orai1 was identified as the key domain determining the STIM1/Orai1 thermal response pattern, while the temperature reactive mode of STIM1/Orai3 seemed to result from a combined effect of Orai3. These findings provide important support for the specific molecular mechanism of STIM1–induced thermal response, as well as the interaction mechanism of STIM1 with Orai1 and Orai3 after being activated by temperature.
34

Guduru, Sandhya. "Autonomous Cyber Defense: LLM-Powered Incident Response with LangChain and SOAR Integration." International Journal of Computer Science and Information Technology Research 6, no. 1 (2025): 72–82. https://doi.org/10.63530/ijcsitr_2025_06_01_008.

35

Guduru, Sandhya. "Autonomous Cyber Defense: LLM-Powered Incident Response with LangChain and SOAR Integration." International Journal of Science and Research (IJSR) 10, no. 5 (2021): 1378–82. https://doi.org/10.21275/sr21059083032.

36

Glaser, Maria, and André Knops. "Spatial biases in approximate arithmetic are subject to sequential dependency effects and dissociate from attentional biases." Journal of Numerical Cognition 9, no. 1 (2023): 44–64. http://dx.doi.org/10.5964/jnc.8373.

Abstract:
The notion that mental arithmetic is associated with shifts of spatial attention along a spatially organised mental number representation has received empirical support from three lines of research. First, participants tend to overestimate results of addition and underestimate those of subtraction problems in both exact and approximate formats. This has been termed the operational momentum (OM) effect. Second, participants are faster in detecting right-sided targets presented in the course of addition problems and left-sided targets in subtraction problems (attentional bias). Third, participants are biased toward choosing right-sided response alternatives to indicate the results of addition problems and left-sided response alternatives for subtraction problems (Spatial Association Of Responses [SOAR] effect). These effects potentially have their origin in operation-specific shifts of attention along a spatially organised mental number representation: rightward for addition and leftward for subtraction. Using a lateralised target detection task during the calculation phase of non-symbolic additions and subtractions, the current study measured the attentional focus, the OM and SOAR effects. In two experiments, we replicated the OM and SOAR effects but did not observe operation-specific biases in the lateralised target-detection task. We describe two new characteristics of the OM effect: First, a time-resolved, block-wise analysis of both experiments revealed sequential dependency effects in that the OM effect builds up over the course of the experiment, driven by the increasing underestimation of subtraction over time. Second, the OM effect was enhanced after arithmetic operation repetition compared to trials where arithmetic operation switched from one trial to the next. 
These results call into question the operation-specific attentional biases as the sole generator of the observed effects and point to the involvement of additional, potentially decisional processes that operate across trials.
37

Mahoney, Lori, and Joseph W. Houpt. "Experience with Varied Levels of Automation Influences User Response Speed." Proceedings of the Human Factors and Ergonomics Society Annual Meeting 64, no. 1 (2020): 1608–12. http://dx.doi.org/10.1177/1071181320641388.

Abstract:
When presenting an automated aid to a user, there is variation in how much a human or the automation is involved in making and acting on the decision. Level of automation describes the balance between human and computer in making decisions and selecting actions. In this study, we presented subjects with a speeded length-judgment task at two different levels of automation, manipulating the order of the automation level between subjects. We found a significant effect that subjects who were presented first with the condition where the automated aid allowed them to directly select a response (i.e., lower automation level) responded faster in later trials when then presented with the condition where the automated aid required them to agree or disagree with the aid’s response (i.e., higher automation level). This effect was not found when the higher level of automation was presented first.
38

Newell, Allen. "Précis of Unified theories of cognition." Behavioral and Brain Sciences 15, no. 3 (1992): 425–37. http://dx.doi.org/10.1017/s0140525x00069478.

Abstract:
The book presents the case that cognitive science should turn its attention to developing theories of human cognition that cover the full range of human perceptual, cognitive, and action phenomena. Cognitive science has now produced a massive number of high-quality regularities with many microtheories that reveal important mechanisms. The need for integration is pressing and will continue to increase. Equally important, cognitive science now has the theoretical concepts and tools to support serious attempts at unified theories. The argument is made entirely by presenting an exemplar unified theory of cognition both to show what a real unified theory would be like and to provide convincing evidence that such theories are feasible. The exemplar is SOAR, a cognitive architecture, which is realized as a software system. After a detailed discussion of the architecture and its properties, with its relation to the constraints on cognition in the real world and to existing ideas in cognitive science, SOAR is used as theory for a wide range of cognitive phenomena: immediate responses (stimulus-response compatibility and the Sternberg phenomena); discrete motor skills (transcription typing); memory and learning (episodic memory and the acquisition of skill through practice); problem solving (cryptarithmetic puzzles and syllogistic reasoning); language (sentence verification and taking instructions); and development (transitions in the balance beam task). The treatments vary in depth and adequacy, but they clearly reveal a single, highly specific, operational theory that works over the entire range of human cognition. SOAR is presented as an exemplar unified theory, not as the sole candidate. Cognitive science is not ready yet for a single theory – there must be multiple attempts. But cognitive science must begin to work toward such unified theories.
APA, Harvard, Vancouver, ISO, and other styles
39

Jabbar, Abdul, Qammer H. Abbasi, Nadeem Anjum, et al. "Millimeter-Wave Smart Antenna Solutions for URLLC in Industry 4.0 and Beyond." Sensors 22, no. 7 (2022): 2688. http://dx.doi.org/10.3390/s22072688.

Abstract:
Industry 4.0 is a new paradigm of digitalization and automation that demands high data rates and real-time ultra-reliable agile communication. Industrial communication at sub-6 GHz industrial, scientific, and medical (ISM) bands has some serious impediments, such as interference, spectral congestion, and limited bandwidth. These limitations hinder the high throughput and reliability requirements of modern industrial applications and mission-critical scenarios. In this paper, we critically assess the potential of the 60 GHz millimeter-wave (mmWave) ISM band as an enabler for ultra-reliable low-latency communication (URLLC) in smart manufacturing, smart factories, and mission-critical operations in Industry 4.0 and beyond. A holistic overview of 60 GHz wireless standards and key performance indicators are discussed. Then the review of 60 GHz smart antenna systems facilitating agile communication for Industry 4.0 and beyond is presented. We envisage that the use of 60 GHz communication and smart antenna systems are crucial for modern industrial communication so that URLLC in Industry 4.0 and beyond could soar to its full potential.
40

Mole, Callum, Jami Pekkanen, William Sheppard, et al. "Predicting takeover response to silent automated vehicle failures." PLOS ONE 15, no. 11 (2020): e0242825. http://dx.doi.org/10.1371/journal.pone.0242825.

Abstract:
Current and foreseeable automated vehicles are not able to respond appropriately in all circumstances and require human monitoring. An experimental examination of steering automation failure shows that response latency, variability and corrective manoeuvring systematically depend on failure severity and the cognitive load of the driver. The results are formalised into a probabilistic predictive model of response latencies that accounts for failure severity, cognitive load and variability within and between drivers. The model predicts high rates of unsafe outcomes in plausible automation failure scenarios. These findings underline that understanding variability in failure responses is crucial for understanding outcomes in automation failures.
41

Hutchinson, Jack, Luke Strickland, Simon Farrell, and Shayne Loft. "Human behavioral response to fluctuating automation reliability." Applied Ergonomics 105 (November 2022): 103835. http://dx.doi.org/10.1016/j.apergo.2022.103835.

42

Wildey, Mary Jo, and Carol Ann Homon. "Response to: Automation Basics: Robotics vs. Workstations." Journal of Biomolecular Screening 4, no. 3 (1999): 115. http://dx.doi.org/10.1177/108705719900400302.

43

Siva, Kumar Mamillapalli. "Streamlining Network Management with Automation." International Journal of Leading Research Publication 1, no. 4 (2020): 1–5. https://doi.org/10.5281/zenodo.14982469.

Abstract:
The increasing complexity of modern networks renders manual management and incident response unsustainable. This paper investigates how artificial intelligence (AI), machine learning (ML), and software-defined networking (SDN) can automate these critical functions. By leveraging AI/ML for proactive configuration, monitoring, and maintenance, and utilizing SDN for centralized control and scalability, networks can achieve significant improvements in efficiency, security, and performance. Automation also enables real-time threat detection and mitigation, dramatically shortening incident response times. While challenges like data privacy and false positives exist, and future advancements like quantum computing and blockchain are anticipated, the benefits of automated network management and incident response – enhanced efficiency, security, and cost reduction – are undeniable, paving the way for more robust and secure network infrastructures.
44

Cohen-Lazry, Guy, Avinoam Borowsky, and Tal Oron-Gilad. "The Effects of Continuous Driving-Related Feedback on Drivers’ Response to Automation Failures." Proceedings of the Human Factors and Ergonomics Society Annual Meeting 61, no. 1 (2017): 1980–84. http://dx.doi.org/10.1177/1541931213601974.

Abstract:
During prolonged periods of autonomous driving, drivers tend to shift their attention away from the driving task. As a result, they require more time to regain awareness of the driving situation and to react to it. This study examined the use of informative automation that during Level-3 autonomous driving provided drivers with continuous feedback regarding the vehicle’s actions and surroundings. It was hypothesized that the operation of informative automation will trigger drivers to allocate more attention to the driving task and will improve their reaction times when resuming control of the vehicle. Sixteen participants drove manual and autonomous driving segments in a driving simulator equipped with Level-3 automation. For half of the participants, the informative automation issued alerts and messages while for the other half no messages were issued (control). The number of on-road glances served as a proxy for drivers’ attention. Drivers’ performance on handling an unexpected automation failure event was measured using their time-to-brake and time-to-steer. Results showed that drivers using the informative automation made more frequent on-road glances than drivers in the control group. Yet, there were no significant differences in reaction times to the automation failure event between the groups. Explanations and implications of these results are discussed.
45

Suresh Vethachalam. "Cybersecurity automation: Enhancing incident response and threat mitigation." World Journal of Advanced Engineering Technology and Sciences 15, no. 3 (2025): 572–85. https://doi.org/10.30574/wjaets.2025.15.3.0972.

Abstract:
This study looks at the rise of automation in cybersecurity as a way to deal with the rising number and difficulty of cyber threats. Cybersecurity gets a boost from automation because it helps catch attacks early, avoids mistakes by people and speeds up the response which is necessary to prevent major consequences from comprehensive attacks. The research uses a mix of working with data and studying industry cases to assess the performance of automated security systems. Automated tools are shown to raise the detection level and bring down the number of fake alerts, so security teams can look into only the most important risks. Also, automation helps the response team by speeding up the process between discovering a threat and dealing with it. They make networks in different organizations better able to handle cybersecurity risks. It points out how introducing automation into cybersecurity helps solve problems, but it also brings up issues about keeping up with changes and resolving ethical questions. Researchers may focus on using AI to manage computers more efficiently and look into security frameworks designed to respond to the latest threats from cybercrime.
46

Tilbury, Jack, and Stephen Flowerday. "Automation Bias and Complacency in Security Operation Centers." Computers 13, no. 7 (2024): 165. http://dx.doi.org/10.3390/computers13070165.

Abstract:
The volume and complexity of alerts that security operation center (SOC) analysts must manage necessitate automation. Increased automation in SOCs amplifies the risk of automation bias and complacency whereby security analysts become over-reliant on automation, failing to seek confirmatory or contradictory information. To identify automation characteristics that assist in the mitigation of automation bias and complacency, we investigated the current and proposed application areas of automation in SOCs and discussed its implications for security analysts. A scoping review of 599 articles from four databases was conducted. The final 48 articles were reviewed by two researchers for quality control and were imported into NVivo14. Thematic analysis was performed, and the use of automation throughout the incident response lifecycle was recognized, predominantly in the detection and response phases. Artificial intelligence and machine learning solutions are increasingly prominent in SOCs, yet support for the human-in-the-loop component is evident. The research culminates by contributing the SOC Automation Implementation Guidelines (SAIG), comprising functional and non-functional requirements for SOC automation tools that, if implemented, permit a mutually beneficial relationship between security analysts and intelligent machines. This is of practical value to human automation researchers and SOCs striving to optimize processes. Theoretically, a continued understanding of automation bias and its components is achieved.
47

Calhoun, Gloria, Heath Ruff, Elizabeth Frost, Sarah Bowman, Jessica Bartik, and Kyle Behymer. "Performance-Based Adaptive Automation: Number of Task Types and Response Time Measures Triggering Level of Automation Changes." Proceedings of the Human Factors and Ergonomics Society Annual Meeting 65, no. 1 (2021): 37–41. http://dx.doi.org/10.1177/1071181321651099.

Abstract:
A key challenge facing automation designers is how to achieve an ideal balance of system automation with human interaction for optimal operator decision making and system performance. A performance-based adaptive automation algorithm was evaluated with two versus six monitored task types. Results illustrate the importance of level of automation choices in control schemes.
48

Shinde, Sandhya, Suchita Wayadande, Shrawni Shinde, and Raj Gurav. "MSRTC Bus Automation." International Journal of Electronics and Computer Applications 1, no. 2 (2024): 36–39. https://doi.org/10.70968/ijeaca.v1i2.3.

Abstract:
The MSRTC Bus Automation and Emergency Alert System is a comprehensive solution designed to enhance public security and safety within the Maharashtra State Road Transport Corporation (MSRTC) bus fleet. This smart assistance system encompasses features to mitigate risks such as rash driving, with accident detection and monitoring capabilities. Utilizing GPS technology and an intuitive Android application, users can conveniently track bus locations in real-time. In addition to providing real-time tracking, the system facilitates emergency alerts to hospitals, police stations, and bus depots, ensuring swift response in critical situations. With a focus on user-friendliness and intelligent features, this system aims to optimize public transport, catering to the needs of Smart Cities and promoting efficient and safe travel for passengers.
49

Costanzo, Don. "AUTOMATED ICS: A FRAMEWORK FOR SUCCESS." International Oil Spill Conference Proceedings 2001, no. 2 (2001): 1033–34. http://dx.doi.org/10.7901/2169-3358-2001-2-1033.

Abstract:
Over the years, many organizations have attempted to automate the Incident Command System (ICS). These attempts have ranged from computerizing T-cards to a nationwide spill operations system. Over time, these systems have had varying degrees of success. While certain inherent reasons exist for not automating ICS, they are outweighed by the tremendous potential of successful automation. The need to produce documentation, the integration of ICS sections, and the rapid change of information all lend themselves to automation. Successful ICS automation does not start with computerizing ICS forms. The key to automating ICS is to automate both ICS and response processes. In a response effort, many separate and distinct processes occur daily. The requisitioning of resources, the planning and application of the response organization, cost accounting, and the development of an Incident Action Plan (IAP) occur many times during an incident. This paper describes a framework for automating and integrating these processes. This framework offers organizations a road map for successful ICS automation. The poster presentation includes a software demonstration that illustrates the benefits of integrated automation.
50

Bertolino, Antonia, Antonello Calabrò, Eda Marchetti, et al. "Cloud testing automation: industrial needs and ElasTest response." IET Software 14, no. 5 (2020): 553–62. http://dx.doi.org/10.1049/iet-sen.2019.0140.
